Cyber Weapons and Real Wars

So far what is happening in Libya has offered to myself and to my dear colleague, friend and aviation guru David Cenciotti many opportunities to analyze the points of convergence in modern wars between information security and military operations.

In several posts I tried to figure out the role of new technologies in modern wars (now you should be familiar and even a little bit bored with the term Mobile Warfare), and probably this article describing a real operation aimed to hijack the Libyana Cellular Network by the Rebel Forces is the best example to describe how real modern wars may be fought with Cyber weapons.

Apparently this is a pure (cyber)military operation and there is no trace of conventional military forces, nevertheless (I am getting older!) after publishing the article I just felt like I missed something. Only a couple of days later, David made me notice I missed a fundamental link between the cyber operation and his real passion: the aviation. He had to quote a passage of the original Wall Street Journal article to make me realize the missing element:

The new network, first plotted on an airplane napkin and assembled with the help of oil-rich Arab nations, is giving more than two million Libyans their first connections to each other and the outside world after Col. Gadhafi cut off their telephone and Internet service about a month ago.

How could I miss it! The new hijacked network was first plotted on an airplane napkin: here the point of convergence between Cyber Operations and aviation, even if in this case the support provided by aviation was only logistic and not military, in the sense that it provided, so to speak, the necessary “infrastructure” to plot the initial schema of the network.

Of course this is a kind of joke since in this case the role of cyber weapons (the hijack plan) and conventional weapons (the airplane) was well distinct and consequently the boundary of cyber world and real world was not overcome (as if to say: the cell network was not bombed). Nevertheless these joyful thoughts come out in the same day in which an (apparently unrelated) opposite example has shown that the boundary between the two worlds can be easily overcome and cyber weapons may become as lethal as real weapons: the example is Stuxnet, since just today Iran admitted the real extent of the damage caused by this terrible malware.

In recent weeks, Iranian media reported about dozens of large-scale accidents and explosions in Iran’s industrial sites, especially facilities dealing with oil and petrochemicals. Iran reported at least ten deaths in these explosions.

“Enemies have attacked industrial infrastructure and undermined industrial production through cyber attacks. This was a hostile action against our country,” Iran’s official IRNA news agency quoted Jalali as saying. “If it had not been confronted on time, much material damage and human loss could have been inflicted.”

The fact that Stuxnet damaged some Iranian Nuclear Facilities and delayed the Nuclear Program is something well known. The fact that the malware even caused some victims between the technicians of the industrial sites targeted is something completely new and unprecedented. From a metaphorical point of view Stuxnet acted as a portal between cyber and real battlefields, where unfortunately victims are not virtual. Another unenviable record demolished by this terrible malware that is leaving an indelible mark on the information security landscape .